
○ edit VLANs connected to trunk: switchport trunk allowed vlan ?
○ switchport trunk native vlan [#]
○ Router on a Stick (ROAS) divides single int into sub-ints, to
allow inter-VLAN routing
○ config: e.g. int g0/0.10 > encapsulation dot1q 10 > ip add [last
usable address, subnet mask]
○ remember to config trunk port TO ROUTER as well
● Day 18
○ config native VLAN on router:
■ encapsulation dot1q [vlan-id] native
■ ip add on router int (int g0/0 > ip add)
○ layer 3 (multilayer) switches can switch and route. They use switch
virtual interfaces (SVIs) for inter-VLAN routing
■ for packets destined outside LAN, can configure default
route to separate router connected to Internet
■ default interface g0/0 (set int to default config)
■ DO NOT FORGET ip routing, no switchport ON MLS
■ config default route: ip route 0.0.0.0 0.0.0.0 [ip]
■ creating SVIs: config just like routers, but on MLS (int >
ip add > no sh)
● Day 19
○ DTP (dynamic trunking protocol): dynamically negotiates whether a port
is access or trunk; not recommended, for security reasons
■ dynamic desirable configured ports will ACTIVELY form trunk
links, i.e. with other trunk, dynamic auto or dynamic
desirable ports (older switches default)
■ dynamic auto ports will form trunk links with other trunk
and dynamic desirable ports (newer switches default)
■ disable with switchport nonegotiate (access mode also
disables)
■ favors ISL over 802.1Q
○ VTP (VLAN trunking protocol): allows configuring VLANs on a central
server switch, avoiding manual config in large networks with several
VLANs
■ three modes: server (modify, store in NVRAM, edit revision #
- used to sync, advertise latest VTP version on trunks,
function as clients), client (sync, advertise, store in
NVRAM - only in v3!!), transparent (no sync, separate
database, no advertising, fwds VTP ads within same domain)
○ vtp mode [mode]
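
The DTP rules from Day 19 as a config audit (an added example, not part of the original notes): it lists the switchports on which DTP is still active. Assumed: a port with no `switchport mode` line uses the platform's dynamic default, and a static `switchport mode trunk` port keeps negotiating until `switchport nonegotiate` is set; the function names and sample config are constructed here.

```python
import re
# Constructed sample config (not from the notes); IOS-style interface blocks.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode access
!
interface GigabitEthernet0/2
 switchport mode dynamic auto
!
interface GigabitEthernet0/3
 switchport mode trunk
!
interface GigabitEthernet0/4
 switchport mode trunk
 switchport nonegotiate
!
interface GigabitEthernet0/5
!
interface GigabitEthernet0/6
 no switchport
!
interface Vlan10
"""

def parse_interfaces(config):
    """Map each interface name to the list of commands configured under it."""
    ports, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\S+)", line)
        if m:
            current = ports.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command ends the block
    return ports

def dtp_state(cmds):
    """'off', 'negotiating', or None for a routed (no switchport) port."""
    if "no switchport" in cmds:
        return None
    if "switchport mode access" in cmds or "switchport nonegotiate" in cmds:
        return "off"  # the two ways the notes give to disable DTP
    return "negotiating"  # dynamic auto/desirable, static trunk, or default (assumed)

def audit(config):
    """Names of physical switchports on which DTP is still active."""
    return sorted(n for n, c in parse_interfaces(config).items()
                  if "Ethernet" in n and "." not in n and dtp_state(c) == "negotiating")
```

`audit(SAMPLE_CONFIG)` reports g0/2, g0/3 and g0/5; SVIs, ROAS sub-interfaces and `no switchport` ports are skipped because they are not switchports.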
● Day 20
○ redundancy is important, but can cause broadcast storms
(repeatedly flooded broadcast messages) and MAC address flapping
(devices constantly relearning MAC addresses)